Cisco Wireless Release 8.1 Bulletin

Support for new WLC5520 and WLC8540 wireless controllers

The 5520 and 8540 WLCs are optimized for 802.11ac Wave 2 with support for centralized, FlexConnect, and mesh deployment modes of operation.

Future-ready support for highly scalable enterprise and service provider networks with simplified licensing, simplified setup, high-availability resiliency and integrated services.

Hyperlocation with Advanced Security^*

The Hyperlocation module provides improved location refresh with FastLocate and Advanced Security with Cisco CleanAir^®, wireless intrusion prevention system (wIPS), and rogue detection capabilities for 802.11ac networks. This module also provides an integrated BLE beacon.

When used with a hyperlocation antenna, the solution uses Wi-Fi signals from the client to measure time (range) and angle of arrival (direction) and provides client location with up to 1m accuracy in multi-access-point deployments.

Accurately determines client location for microlocation targeting with hyperlocal content. FastLocate enables real-time device and asset tracking.

The integrated BLE beacon simplifies beacon management by removing battery life concerns and enables centralized visibility of beacon health.

Advanced Security detects and mitigates security threats on 802.11ac networks.

BLE proximity beacon detection using CleanAir^®

CMX 10.1 provides a centralized platform to monitor and manage BLE beacons

Access points use the existing CleanAir subsystem to detect and locate BLE devices used as proximity beacons.

Existing CleanAir-capable access points can detect and locate BLE beacons.

Provides investment protection and security for BLE services.

Existing CleanAir access points can enable asset tracking of legitimate BLE devices (includes alerting of missing/moved BLE devices).

“Rogue” proximity services beacons (BLE devices that have been deployed without the permission of the venue owner and possibly for malicious purposes) can be monitored, detected, located, and reported.

Enhanced HDX:Dynamic bandwidth selection (DBS)

Automatic and intelligent configuration of 5-GHz channel bandwidth (20, 40, 80 MHz) for “best” channel width. Achieved by learning both client mix and presence of neighboring access points and wireless networks.

Provides simplified WLAN configuration, improved spectrum efficiency (uses only what is needed), and optimized high-density performance.

Enhanced HDX:

Flexible dynamic frequency selection (FlexDFS)

Automatically adjusts both channel selection and channel width for 5-GHz spectral regions requiring radar detection and avoidance.

Only the channel segment that the radar is detected in is intelligently and automatically abandoned.

This enables use of the maximum allowable amount of RF spectrum, and spectrum efficiency is optimized, resulting in an improved ROI for 5-GHz deployments.

Enhanced HDX: Airtime fairness^*

Enables an administrator to allocate downlink airtime to groups of clients in a shared WLAN.

Provides improved fulfillment of service-level agreements (SLAs) by providing a simple way for a WLAN administrator to assign downlink airtime per customer.

Enhanced HDX:

Enhanced interference mitigation

Event-driven radio resource management (ED-RRM) is triggered by Wi-Fi interference (faster channel change than the typical dynamic channel assignment [DCA] cycle in RRM).

Rogue networks can appear faster than a typical DCA cycle will report. This feature enables faster mitigation for Wi-Fi interference avoidance and provides improved protection of WLAN services, comparable to non-Wi-Fi interference mitigation with CleanAir.

Enhanced HDX:

Optimized roaming extensions

802.11v BSS Transition Management (the infrastructure provides explicit advice to clients for reassociation and roaming).

Greater airtime efficiency is achieved by improved load balancing, as better RF connectivity reduces airtime, and less scanning by clients reduces airtime used for Wi-Fi roaming.

Fast roaming for connected transportation

Maintains reliable Wi-Fi connectivity for workgroup bridges (WGB) mounted on vehicles moving at high speeds of upto 100km/h, such as rapid transits.

Passengers on the vehicle that are connected to the network hosted by the vehicle will stay connected. This feature uses optimized roaming v2 (extensions) above.

Application Visibility and Control (AVC) for FlexConnect local switched access points

This release extends the AVC functionality from the wireless controller to the access point.

AVC on a FlexConnect access point provides application visibility and control for locally switched client traffic. AVC on FlexConnect uses Protocol Pack 8.0 and Cisco Network-Based Application Recognition (NBAR) engine version 16.

Helps the network administrator improve the quality of experience of key applications at the local site by dropping or rate-limiting high-bandwidth noncritical applications for locally switched clients, in addition to the centrally switched traffic that is traversing over the WAN.

Monitoring the high-availability (HA) standby WLC

Enhancement to the HA-MIB that enables the administrator to monitor the status and health of the active and standby controllers. Standby WLC information is available using command-line interface (CLI), WLC GUI, and Simple Network Management Protocol (SNMP).

Management platforms can use the SNMP information to monitor the HA pair instance using a single interface.

Administrators gain more insight into the health, CPU utilization, and process memory of the active as well as standby WLC to troubleshoot redundancy issues.

The standby and active WLC status continue to be managed using one interface per HA pair.

WLC integration with Lync SDN API

This feature enables the Cisco WLC to integrate with a Microsoft Lync server. Using Lync SDN API, the Lync server sends out notification when a Lync event (voice call, video call, file transfer, or desktop sharing) occurs on the network. The Cisco WLC interprets the API messages to take appropriate quality-of-service (QoS) actions and provides more visibility (mean opinion score, Lync client heath) into the Lync events on the wireless network using the Lync SDN dashboard.

Provides real-time visibility into the Lync call metrics on the wireless network to prioritize Lync voice, video, and desktop sharing.

Also provides monitoring of all Lync calls placed on the wireless network, enabling easy troubleshooting of Lync call issues.

AVC enhancements for user role, device, and application-specific policy

Updates and enhancements include:

Enables organizations to provide appropriate access to wireless users based on roles by properly managing applications and their bandwidth use instead of incurring costly upgrades.

WLAN express and best practices on WLCs

Simplifies the initial (day-zero) setup for WLCs with over-the-air setup and best practice defaults that enable RF parameter optimization and network profiles.

A new RF dashboard enables easy monitoring of RF parameters. An audit page on upgrade helps ensure easy compliance reporting with best practices and provides a one-click fix-it option.

Simplified operations and enhanced performance, security, and resiliency with best practice recommendations turned on at bootup time.

Seamless roaming with Inter-Release Controller Mobility (IRCM) between WLC8510, WLC8540, and WLC 5220 with the WLC5760

Enables seamless mobility and wireless services across high-scale controllers running AireOS and Cisco IOS^® Software using new mobility for features such as Layer 2 and Layer 3 roaming and guest access/termination.

Enables seamless roaming for clients for deployments with a mix of different types of WLCs.

AAA override of VLAN for FlexConnect

Allows a VLAN name to map to different vlan IDs depending on the local site or FlexConnect group.

Simplifies deployments by allowing use of a common VLAN name across different FlexConnect groups that have differing vlan IDs configured.

Kernel-based Virtual Machine (KVM) support for virtual WLC

The virtual WLC adds support for KVM.

Expands the types of deployments that can take advantage of the virtual footprint WLC.

Primary, secondary, and tertiary guest anchor capability

Assigns a fixed priority to each anchor controller or HA pair. The highest priority controller will be designated as the primary anchor. This feature also allows load distribution in round-robin fashion if the priorities are the same.

Provides a mechanism to deterministically assign primary and secondary guest anchor controllers based on physical proximity or load preference for the anchor controllers.

Multicountry domain support on WLC

Enables multiple country codes to be configured on a single WLC with bridge mode access points connected.

Several WLCs deployed across multiple countries can be consolidated to a single WLC to manage access points in multiple regions.

Improved Mesh convergence time

Builds upon improvements made in the 8.0 release by adding channel change notification messaging, further improving network availability times.

Minimizes network downtime after mesh node failure.

Ethernet over generic routing encapsulation (EoGRE) tunneling from WLC and access point

Enables tunneling data traffic from WLC or access point to a mobile packet core using EoGRE tunnels.

Enables service providers to aggregate traffic from hotspots to mobile packet core networks. Service providers can offload their mobile networks to a Wi-Fi-based access mechanism and continue to manage traffic in the service provider mobile packet core infrastructure.

Cisco TrustSec^® support on 8500 Series WLCs and WLC5520

Security Group Tag Exchange Protocol (SXP) support on WLC8510, WLC8540, and WLC5520 can be used to advertise SGT information to SGT-capable switches so that appropriate role-based access control lists (RBACLs) can be activated depending on the role information represented by the SGT.

Enables organizations to secure their networks and services through identity-based access control for anyone, anywhere, anytime. The solution also offers data integrity and confidentiality services, policy-based governance, and centralized monitoring, troubleshooting, and reporting services.